Even old servers deserve our help.

You too may have spent some time recently, responding to the Shellshock threat. Most (many ?) sites had a pretty good grip and were able to apply available patches easily and reduce their visibility quickly. I thought of one client that still has an old RHEL3 system with a public face. Not used for much, easily overlooked…

Shellshock_NSHx

.. manually update your old bash ..

Not finding ready to apply RPM packages for this RHEL3 bash – I turned to the search engines and found Steve Jenkins blog post on this very topic. With his excellent guidance I patched my exact version source and produced new binaries for this old system, much easier than I had expected. AND, there were no versionitus complications that often plague older system updates. Of course it helps that something as fundamental as GNUbash would have an extensive archive of old versions, and many, many patches.

This will not always be so easy to fix such a wide-spread problem, so be sure to check with your clients and look for old half-forgotten systems that may still be vulnerable. This is an easy way to become a hero.

Digging deeper into Steve’s blog, I learned some of his history and now more fully recognize his contributions over the years. Anyone else remember WinFiles.COM ?

I’ll probably subscribe to his blog, and learn some more along the way.
Looks like a lot of really good stuff in here.

Thanks Steve.. /;^)

Advertisements

About wb5rmg

Twitter-ish Bio: AMSAT, APRS, ARES, ARRL, Cisco, Dad, Digital, EmComm, Husband, Kundalini, IA, IT, LinkedIn, NASA, RedHat, Satellites, SomeNet, TV, WireShark, WordPress, ZFx My day job is Network Engineering for NASA @ MSFC, primarily supporting the International Space Station. My other 'job' is working as an Assistant ARRL Emergency Coordinator for the Huntsville - Madison County AL Amateur Radio Emergency Service ... /;^)
This entry was posted in consulting, internet, Linux and tagged , , , , , . Bookmark the permalink.

One Response to Even old servers deserve our help.

  1. Steve Jenkins says:

    🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s